[meta-freescale] [PATCH 1/1] arm: imx: fsl_otp: make fuses (OTP memory) read-only

Alexander Holler holler at ahsoftware.de
Fri Nov 7 07:26:06 PST 2014


Am 07.11.2014 16:06, schrieb Otavio Salvador:
> On Fri, Nov 7, 2014 at 12:40 PM, Alexander Holler <holler at ahsoftware.de> wrote:
>> Am 07.11.2014 um 12:34 schrieb Otavio Salvador:
>>>
>>> On Fri, Nov 7, 2014 at 7:43 AM, Alexander Holler <holler at ahsoftware.de>
>>> wrote:
>>>>
>>>> Nothing in userspace should be able to kill the HW.
>>>> Not even just as root and for sure not that easy.
>>>>
>>>> For obvious reason, I haven't tested this patch thoroughly.
>>>>
>>>> Reported-by: Jon Nettleton <jon.nettleton at gmail.com>
>>>> Signed-off-by: Alexander Holler <holler at ahsoftware.de>
>>>
>>>
>>> I have a mix of feelings about the patch.
>>>
>>> Long story, short:
>>>
>>>   - We ought to have a FSL_OTP_WRITE_SUPPORT config option
>>>
>>> The writing support is specially useful for manufacturing images where
>>> we can use Linux to do the initial programing, consult a database to
>>> find out inventory information (MAC address for example) and do proper
>>> programing on the OTP fuses. However I also believe we shouldn't have
>>> this available on regular kernel images as it is easy to get a
>>> 'expensive paper weight'.
>>>
>>> So would you be keen to rework the patch and include a write support
>>> config option?
>>
>>
>> No.
>>
>> Sorry but I really think such dangerous stuff never should make it's way
>> into any kernel which doesn't have big red and yellow signs attached to
>> it. And unfortunately that isn't possible.
>>
>> And even if it would be possible to mark kernels as dangerous, I think
>> that functionality should only be part of a bootloader where it isn't
>> reachable by normal userspace.
>
> Ok so I am here Nacking your patch.

Feel free to so. Seems to be part of your responsibility.

Alexander Holler


More information about the meta-freescale mailing list